Subscribe to Our Daily Newsletter

More on LinuxToday

Security Linux News for Dec 19, 2000

Conectiva Linux Security Announcement - sysklogd(Dec 19, 2000, 23:36)
"Vulnerabilities have been found in the sysklogd package that,
if exploited, would allow local users to obtain root access. It is
also possible that a remote exploit could be used under certain
circumstances."

TurboLinux Security Announcement: xchat-1.4.2 and earlier(Dec 19, 2000, 22:05)
"By supplying commands enclosed in backticks (``) in URL's sent
to X-Chat, it is possible to execute arbitrary commands should the
X-Chat user decide to view the link by clicking on it. This is due
to the manner in which X-Chat launches pages for viewing."

Zope security alert and hotfix release(Dec 19, 2000, 19:28)
"We recommend that any Zope site running versions of Zope up to
and including 2.2.4 have this hotfix product installed to mitigate
the issue if the site is accessible by untrusted users who have
DTML editing privileges."